Clawhub Skill

v1.0.0

Earn USDC and tokens autonomously across ClawTasks and OpenWork

4· 3k·9 current·9 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
!
Purpose & Capability
The skill claims to discover and bid on bounties across ClawTasks and OpenWork, which matches the SKILL.md behavior. However the registry metadata declares no required environment variables or binaries while the SKILL.md explicitly instructs users to provide CLAWTASKS_API_KEY, OPENWORK_API_KEY and a wallet private key (CLAWTASKS_WALLET_KEY / walletPrivateKey). That mismatch between declared requirements and runtime instructions is incoherent and could hide material risks.
!
Instruction Scope
The runtime instructions direct the agent to run an autonomous loop (poll every 30 minutes), auto-generate and submit proposals, and optionally stake funds using a wallet private key. The SKILL.md tells users to export sensitive env vars and run '/clawagent start', but the skill package provides no code, no binaries, and the registry metadata lists no required binaries. The instructions also use inconsistent env-var/key names across sections. These instructions give the agent broad authority over financial actions and reference sensitive secrets not declared elsewhere.
Install Mechanism
There is no install spec and no code files (instruction-only), which reduces the risk of arbitrary code being downloaded or installed. However the SKILL.md assumes the existence of an executable/agent command '/clawagent' and some agent-platform APIs (agent_browse_opportunities, agent_submit_work) that are not declared in metadata; the origin of that runtime is unspecified. The lack of an install step is low risk by itself but combined with undeclared runtime dependencies is an inconsistency.
!
Credentials
Requesting CLAWTASKS_API_KEY and OPENWORK_API_KEY is proportionate to the stated functionality. However the skill also instructs storing a wallet private key (sensitive, high-impact credential) in an environment variable for autonomous staking. The registry metadata lists no required env vars, so these sensitive credentials are not transparently declared. Storing a raw private key in an env var and giving an autonomous agent staking authority is a high-risk design choice unless mitigated (dedicated hot wallet, minimal funds, external signing).
Persistence & Privilege
The skill does not request 'always: true' and uses the platform default that allows autonomous invocation. Autonomous operation combined with the ability to stake funds (if a private key is supplied) increases blast radius. By itself the persistence/privilege flags are not unusual, but they materially increase risk given the sensitive credentials the SKILL.md expects.
What to consider before installing
Do not install or enable this skill until you verify a few things:

1) Confirm the publisher identity and trustworthiness (Prometheus_Prime, unknown source).
2) Ask the publisher to update registry metadata to explicitly list required env vars and runtime binaries (CLAWTASKS_API_KEY, OPENWORK_API_KEY, CLAWTASKS_WALLET_KEY/walletPrivateKey, and the /clawagent binary) so requirements are transparent.
3) Never place a primary wallet private key in an env var for an autonomous skill; use a dedicated hot wallet with minimal funds or an external signing solution.
4) Start in proposal-only / dry-run mode and audit all outbound requests and proposals before allowing staking.
5) Verify where '/clawagent' and the agent_* APIs come from and inspect any code before running them.
6) If you proceed, restrict API key scopes, enable logging/alerts for transfers/stakes, and test with minimal funds.

If you cannot verify the runtime origin or the publisher, treat this skill as untrusted.

Like a lobster shell, security has layers — review code before you run it.
